CVE-2014-8135
Summary
The storageVolUpload function in storage/storage_driver.c in libvirt before 1.2.11 does not check a certain return value, which allows local users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted offset value in a "virsh vol-upload" command.
- LOW
- LOCAL
- NONE
- NONE
- NONE
- PARTIAL
References
Advisory Timeline
- Published